General
-
Target
994901bfc4a85b2721bc5b4ff2c05311231fe9f9e9489a99693d545da69c628d
-
Size
700KB
-
Sample
241109-y145ca1fpa
-
MD5
b7bc8952a3c962eb53fd4a453da4d9d4
-
SHA1
4245ecb09ade5b5b2afad87b9b5d7d314f55e0e8
-
SHA256
994901bfc4a85b2721bc5b4ff2c05311231fe9f9e9489a99693d545da69c628d
-
SHA512
5933c1defcfb72d3b641550ec21218c9833f3e314279f7f48eca3737068565369d4d5d12669f1dc2af7398f63b8eb4b7b2b307e4313606e63932bb5428f2a8fc
-
SSDEEP
12288:Zy90gOABum7AWMFOiK9wFSr341k6ILZk5AGQ4HJcaapKMVdbd6AoblnCBYr/:Zy9LubWMIDmsroW6CZkpba8uxYVCs
Static task
static1
Behavioral task
behavioral1
Sample
994901bfc4a85b2721bc5b4ff2c05311231fe9f9e9489a99693d545da69c628d.exe
Resource
win10v2004-20241007-en
Malware Config
Targets
-
-
Target
994901bfc4a85b2721bc5b4ff2c05311231fe9f9e9489a99693d545da69c628d
-
Size
700KB
-
MD5
b7bc8952a3c962eb53fd4a453da4d9d4
-
SHA1
4245ecb09ade5b5b2afad87b9b5d7d314f55e0e8
-
SHA256
994901bfc4a85b2721bc5b4ff2c05311231fe9f9e9489a99693d545da69c628d
-
SHA512
5933c1defcfb72d3b641550ec21218c9833f3e314279f7f48eca3737068565369d4d5d12669f1dc2af7398f63b8eb4b7b2b307e4313606e63932bb5428f2a8fc
-
SSDEEP
12288:Zy90gOABum7AWMFOiK9wFSr341k6ILZk5AGQ4HJcaapKMVdbd6AoblnCBYr/:Zy9LubWMIDmsroW6CZkpba8uxYVCs
-
Detects Healer an antivirus disabler dropper
-
Healer family
-
RedLine
RedLine Stealer is a malware family written in C#, first appearing in early 2020.
-
RedLine payload
-
Redline family
-
Executes dropped EXE
-
Adds Run key to start application
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Create or Modify System Process
1Windows Service
1